A list of places and files protected by El Capitan's new SIP

27 October 2015, 06:00

El Capitan introduces a new feature called System Integrity Protection (SIP) that amongst other things stops pretty much anybody but Apple writing to certain folders and files, typically related to the system or Apple’s own apps.

You can discover what these folders are with the following two commands issued in Terminal (which is in the Utilities folder of the Applications list):

cat /System/Library/Sandbox/rootless.conf
cat /System/Library/Sandbox/Compatibility.bundle/

There’s no need to invoke root. Any account can view this info.

You can also use the standard shell command ls -aOl when browsing a folder to view files/folders protected by SIP. They’ll be listed as “restricted”.
[Via Der Flounder]

Leave a comment...